Zeus, one of the most successful Man-in-the-Middle malware programs, has now emerged on the Android platform after already targeting the BlackBerry and Symbian OSes. The mobile version of Zeus is often referred to as Zitmo. It poses as Rapport, the trusted banking application by Trusteer, harvests SMS OTPs and Mobile Transaction Authentication Numbers (MTANs), and forwards them to a central server.

We will start to see more and more variants of these malware applications and browser exploits as more institutions use "weak" security on mobile phones. Banks and other entities should take a closer look at adopting challenge-response and transaction data signing if they want to future-proof themselves rather than continue firefighting. The recent security attacks have shown that hackers are the modern-day equivalents of Willie Sutton. There will be more to come.
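To make the difference from a forwarded SMS OTP concrete, the following added example (not part of the original post, and not any bank's or standard's actual protocol) sketches challenge-response with transaction data signing: the code is an HMAC over a one-time challenge plus the payee and amount, so a harvested code does not verify for a different transaction. The field names, the `Bank` class and the sample account values are assumptions, and the key is assumed to live in a signing device that shows the customer the payee and amount.

```python
import hashlib
import hmac
import secrets

FIELDS = ("payee_account", "amount_minor", "currency")  # hypothetical field names

def canonical(tx: dict) -> bytes:
    """Length-prefix each field in a fixed order so values cannot bleed into each other."""
    out = b""
    for name in FIELDS:
        value = str(tx[name]).encode()
        out += len(value).to_bytes(2, "big") + value
    return out

def sign_transaction(key: bytes, challenge: bytes, tx: dict, digits: int = 8) -> str:
    """Code the signing device shows after displaying payee and amount to the customer."""
    mac = hmac.new(key, challenge + canonical(tx), hashlib.sha256).digest()
    offset = mac[-1] & 0x0F  # HOTP-style dynamic truncation (RFC 4226)
    number = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(number % 10**digits).zfill(digits)

class Bank:
    def __init__(self, key: bytes):
        self.key = key
        self.pending = {}  # session id -> outstanding challenge

    def start(self, session_id: str) -> bytes:
        self.pending[session_id] = secrets.token_bytes(16)
        return self.pending[session_id]

    def confirm(self, session_id: str, tx: dict, code: str) -> bool:
        challenge = self.pending.pop(session_id, None)  # single use: blocks replay
        if challenge is None:
            return False
        return hmac.compare_digest(sign_transaction(self.key, challenge, tx), code)

def demo() -> dict:
    key = secrets.token_bytes(32)  # constructed key, shared by bank and signing device
    bank = Bank(key)
    tx = {"payee_account": "GB00TEST0001", "amount_minor": 12500, "currency": "EUR"}
    altered = dict(tx, payee_account="GB00TEST9999", amount_minor=990000)  # constructed
    code = sign_transaction(key, bank.start("s1"), tx)
    results = {"altered_rejected": not bank.confirm("s1", altered, code)}
    results["replay_rejected"] = not bank.confirm("s1", tx, code)
    results["genuine_accepted"] = bank.confirm("s2", tx, sign_transaction(key, bank.start("s2"), tx))
    return results

if __name__ == "__main__":
    print(demo())
```

The binding only helps if the customer checks the payee and amount shown by the signing device, and if the key is not stored where the same malware can reach it.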